Microsoft has agreed to make substantial changes to its Passport online identity system to make it comply with European privacy laws.

The demand for changes followed a European Union investigation into the identity system to see how well it protected personal information.

The changes mean that people will be able to decide how much data about them that they want Microsoft to hold, rather than simply handing over personal information.

The changes to Passport will be made over the next 18 months.

Secure password

The Passport service allows people to sign up once and use the same password to get access to online services hosted by many different companies.

The bottom line is that users' data will now be better protected

Frits Bolkestein, EU Internal Market Commissioner

Before now EU officials have been worried that the sensitive personal information people must surrender to get a Passport account was not being adequately protected.

It also had worries about the sweeping permission people signing up for Passport gave to Microsoft to use the personal information.

European data laws impose significant burdens on those that hold information about customers to try to ensure that it is not abused or stored for long periods without good reason.

The agreement reached with Microsoft means that when Europeans sign up for the service they will be asked to designate themselves as EU residents and then decide how much information they are happy to share with the software giant.

The site will also have links to web pages setting out European data protection laws.

Users will also be given advice on how to think up secure passwords.

"The bottom line is that users' data will now be better protected," said EU Internal Market Commissioner Frits Bolkestein.

The EU also issued guidelines for a project by
the Liberty Alliance to provide an alternative to Passport.

The privacy investigation is reportedly unrelated to an on-going probe into alleged anti-trust violations by the software giant.